Re: Cutting support for OpenSSL 1.0.1 and 1.0.2 in 17~?
Jacob Champion <jacob.champion@enterprisedb.com>
From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Daniel Gustafsson <daniel@yesql.se>,
Thomas Munro <thomas.munro@gmail.com>, Michael Paquier <michael@paquier.xyz>,
Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-04-03T17:25:36Z
Lists: pgsql-hackers
On Wed, Apr 3, 2024 at 8:29 AM Tom Lane <tgl@sss.pgh.pa.us> wrote: > I count 3 machines running 1.0.1, 18 running some flavor > of 1.0.2, and 7 running various LibreSSL versions. I don't know all the tradeoffs with buildfarm wrangling, but IMO all those 1.0.2 installations are the most problematic, so I dug in a bit: arowana CentOS 7 batfish Ubuntu 16.04.3 boa RHEL 7 buri CentOS 7 butterflyfish Photon 2.0 clam RHEL 7.1 cuon Ubuntu 16.04 dhole CentOS 7.4 hake OpenIndiana hipster mantid CentOS 7.9 margay Solaris 11.4.42 massasauga Amazon Linux 2 myna Photon 3.0 parula Amazon Linux 2 rhinoceros CentOS 7.1 shelduck SUSE 12SP5 siskin RHEL 7.9 snakefly Amazon Linux 2 The RHEL7-alikes are the biggest set, but that's already discussed above. Looks like SUSE 12 goes EOL later this year (October 2024), and it ships OpenSSL 1.1.1 as an option. Already-dead distros are Ubuntu 16.04 (April 2021), Photon 2 (January 2023), and Photon 3 (March 2024). That leaves AL2, OpenIndiana Hipster, and Solaris 11.4, all of which appear to have newer versions of OpenSSL shipped and selectable. --Jacob
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove obsolete unconstify()
- 1fb2308e698e 18.0 landed
-
Only perform pg_strong_random init when required
- c3333dbc0c0f 18.0 landed
-
Remove support for OpenSSL older than 1.1.0
- a70e01d4306f 18.0 landed
-
Support SSL_R_VERSION_TOO_LOW when using LibreSSL
- d80f2ce29465 17.0 landed
-
Support disallowing SSL renegotiation when using LibreSSL
- 44e27f0a6d07 17.0 landed
-
Doc: Use past tense for things which happened in the past
- 91d6429fad55 17.0 landed
-
Remove support for OpenSSL 1.0.1
- 8e278b657664 17.0 landed
-
Remove support for OpenSSL 0.9.8 and 1.0.0
- 7b283d0e1d1d 13.0 cited